RFD 0189 Windows Desktop Access guide #48013
Conversation
Signed-off-by: Dave Sudia <[email protected]>
thedevelopnik
added
rfd
|
This pull request is automatically being deployed by Amplify Hosting (learn more). |
|
|
||
| ### Appetite/Resources | ||
|
|
||
| We want the scope of this project to be doable for a full-stack engineer with some design input, within 6 weeks. |
There was a problem hiding this comment.
I don't think this is doable in 6 weeks.
We had a tighter-scoped goal of doing this only for EC2 instances on AWS a couple quarters ago and couldn't manage to fit that in with a dev who was experienced in the Windows domain.
This is more complicated than any of the existing discover flows that I'm aware of, because you need to install and configure Teleport software on at least two servers instead of 1 (the Linux instance running the agent and the target Windows instance).
Remotely installing software on a Windows machine is not something we've ever done, and this is further complicated by the facts that:
- the Windows host has to be rebooted after the software is installed
- the Teleport software that runs on Windows doesn't make any network connections, so it can't phone home and tell us when it's ready
None of this is impossible to solve, but it's tricky and likely requires a lot more than 6 weeks of a fullstack developer's time.
There was a problem hiding this comment.
@zmb3 I think I needed to be clearer about intention. I don't think we need to make this remotely installing the software. For other guides like SSH we just give them a script and have them run it. I think we should offer some kind of confirmation that the Desktop Service is running, but that can be a manual run of the script, and similarly running the script on the Windows box and restarting it can be manual actions on the user's part, we're just auto-generating the script.
Let me know what you think.
| * Must have hostname | ||
| * Set up Windows box | ||
| * Generate script to install components (similar to linux ssh flow) | ||
| * Setup Service |
There was a problem hiding this comment.
Something to consider -
This flow implies that we'll stand up a new agent (running on Linux) each time they enter the flow. This is probably fine for the very first getting started experience, but we often see customers struggle with what's next after that.
We don't want people to run through this flow a bunch of times, as having a Linux agent per-Windows host is an inefficient and expensive setup.
We can expect questions like "OK, I ran through that once and added a desktop. What do I do if I want to add a couple more, or if I want to enable discovery?"
There was a problem hiding this comment.
This is a good point. One thing I'd like to start adding to guides, but starting with this one, is links out to docs at the end for "dive deeper" or "next steps." Maybe part of creating this guide should also be creating a doc page that explains how to modify the Desktop Service to add more Windows hosts that we link to at the end?
Co-authored-by: Zac Bergquist <[email protected]>
Co-authored-by: Zac Bergquist <[email protected]>
Co-authored-by: Zac Bergquist <[email protected]>
rendered